update AP, matrix, ssb

This commit is contained in:
Jay Graber 2020-07-20 12:59:03 -07:00
parent b6d8d21263
commit 998134a76d
3 changed files with 16 additions and 6 deletions

View File

@ -8,7 +8,9 @@ ActivityPub consists of two layers: A server-to-server federation protocol, and
Users in ActivityPub are conceptualized as actor objects. Actor to actor communication bears a resemblance to email. To be spec compliant, each actor _must_ have an "inbox" and an "outbox" endpoint, as URLs which are accessible on the server. They also _should_ have "following" and "followers". They _may_ have "liked" collections, and many other predefined possibilities.
[Authentication](https://www.w3.org/wiki/SocialCG/ActivityPub/Authentication_Authorization): Server to server federation is authenticated using HTTP Signatures. The server creates a public and private keypair for each actor, and a publicly accessible JSON-LD document retrievable over HTTP which contains its public key. Each message the server sends on behalf of an actor is signed by its key. When a remote server receives a POST to its inbox, it verifies the signature on the HTTP request. To verify object integrity, linked data signatures are used to sign the object with the publicKey of the actor who authored it.
Although not part of the ActivityPub spec, in practice Webfinger is used to discover actor profiles.
Server to server federation is [authenticated](https://www.w3.org/wiki/SocialCG/ActivityPub/Authentication_Authorization) using HTTP Signatures. The server creates a public and private keypair for each actor, and a publicly accessible JSON-LD document retrievable over HTTP which contains its public key. Each message the server sends on behalf of an actor is signed by its key. When a remote server receives a POST to its inbox, it verifies the signature on the HTTP request. To verify object integrity, linked data signatures are used to sign the object with the publicKey of the actor who authored it.
A [paper](https://github.com/WebOfTrustInfo/rwot5-boston/blob/master/final-documents/activitypub-decentralized-distributed.md) from the 2017 Rebooting the Web of Trust conference describes how distributed, cryptographic identities could be added to ActivityPub.
@ -56,7 +58,9 @@ Any service that implements the ActivityPub server-to-server protocol can intero
The client-to-server protocol defines a standard way for user client software to connect to ActivityPub servers. In practice, it is rarely used. None of the major Fediverse services implement it. The vision of how it would work if it were widely used is that a user application could mix and match different servers like Mastodon, Pleroma, PixelFed, and any new service that implemented it.
Diaspora, another federated social network, chose not to adopt ActivityPub.
[Bridgy Fed](https://github.com/snarfed/bridgy-fed) is a project to connect IndieWeb sites with the ActivityPub and OStatus federated networks.
[Diaspora](../applications/diaspora.md), another federated social network, chose not to adopt ActivityPub.
### Scalability
@ -66,15 +70,19 @@ The ActivityPub ecosystem scales up by adding more server capacity to the networ
[fediverse.network](https://fediverse.network/) maintains statistics of the known oStatus/ActivityPub fediverse.
### Implementations
### Implementations & Applications
[W3C Implementation Report](https://activitypub.rocks/implementation-report/)
[Watchlist for ActivityPub Apps](https://git.feneas.org/feneas/fediverse/-/wikis/watchlist-for-activitypub-apps)
Notable applications:
- [Mastodon](https://mastodon.social/about) (the largest federated network built on ActivityPub) has 2699 nodes and 2.6M users as of 5/2020
- [Pleroma](https://pleroma.social/) is another federated social network. According to stats at [the-federation.info](the-federation.info), Pleroma has 620 nodes with 35K users as of 5/2020.
- [PixelFed](https://pixelfed.org/) is an ActivityPub based image-sharing platform.
- [Friendica](https://friendi.ca/) is a decentralized social network with support for ActivityPub, as well as the OStatus and diaspora protocols.
- [PeerTube](https://joinpeertube.org/) is a free and decentralized video platform.
- [Plume](https://joinplu.me/) is a federated blogging application
### Related

View File

@ -4,13 +4,15 @@ Matrix is a protocol for replicating a signed history of JSON objects in realtim
### Identity
A matrix user ID includes the username along with the user's homeserver. For example:
A Matrix [identifier](https://matrix.org/docs/spec/appendices#common-identifier-format) takes the form of `*localpart:homeserver`, where \* is a “sigil” character which is used to identify the entitys type. The sigil character "@" states that the entity is a Matrix user ID, and the "localpart" is an identity allocated by that homeserver. For example:
`@bob:matrix.org`
Other sigil IDs include "!" for Room ID, "$" for Event ID, "+" for Group ID, and "#" for room alias.
User accounts, once created on a homeserver, cannot be migrated. To change servers, a user must make a new account. [Automated tooling](https://modular.im/tools/matrix-migration) exists to help with inviting the new account into rooms the previous account was in.
Users have a Matrix user ID, but can also use 3rd party IDs. Matrix identity servers map 3rd party IDs such as email addresses, social accounts, and phone numbers to Matrix ids. The use of this service is optional. A globally federated cluster of trusted identity servers verify and replicate the mappings, although this is considered a stopgap solution until a fully decentralized identity solution is adopted.
Users have a Matrix user ID, but can also use [3rd party IDs (3PIDs)](https://matrix.org/docs/spec/appendices#pid-types). Matrix identity servers map 3rd party IDs such as email addresses and phone numbers to Matrix ids. The use of this service is optional. A globally federated cluster of trusted identity servers verify and replicate the mappings, although this is considered a stopgap solution until a fully decentralized identity solution is adopted.
User IDs used in conversations will soon be decoupled from permanent IDs, allowing one to decorrelate users from their messages.

View File

@ -104,5 +104,5 @@ Other applications include:
- [Overview](https://scuttlebot.io/more/protocols/secure-scuttlebutt.html)
- [Ssb concepts](https://handbook.scuttlebutt.nz/concepts/)
- [Dark Crystal ssb protocol docs](https://darkcrystal.pw/ssb-protocol-docs.html)
- [Dark Crystal ssb protocol docs](https://darkcrystal.pw)
- [3box comparison of p2p DBs: GUN, OrbitDB, Scuttlebutt](https://medium.com/3box/3box-research-comparing-distributed-databases-gun-orbitdb-and-scuttlebutt-2e3b5da34ef3)